Want to stop your installations being from an unknown publisher according to Window 7’s UAC?

Well, if you’ve got a code signing certificate, you’ll want to sign your MSI files. You can of course just sign your files manually using the signtool utility as follows:

signtool.exe sign /a “path to your msi“

The location of signtool varies depending on which version of Visual Studio you have installed. You can do a search for it, or you can just run it via the “Visual Studio Command Prompt” shortcut in your start menu (under Microsoft Visual Studio/Visual Studio Tools)

Obviously that gets annoying pretty quickly if you’re compiling it in Visual Studio all the time, so instead just add the call to signtool as a Post Build script within your Setup project:

Make sure the path to signtool is correct. Also, change “My Application” to the name of your application – this appears as the program name in the UAC prompt that appears. If you don’t set it to a value, the default will be the name if the MSI that Windows Installer assigns (which you can assume will be some ugly hex number)

You can also add a link to additional information about your product by using the /du parameter with signtool – but I’ll leave that to you to work out…